<?php
include "configuration.php";
/* Using the functions in this page, you can easily add certain parts of QB into themes,
   or even into your pre-existing site. */
include "./themes/configuration.php";
/* this adds the theme's configuration file */
function inputform(){
	// Input form for Quotes
	echo '
<form action="sendmod.php" method="post">
Submit you quote below:<br>
<textarea rows="15" cols="50" name="quote">Quote Here...</textarea>
<br>
<table border="0">
<tr> <td> Comments: </td><td> <input type="text" size="40" name="comments"></td></tr>

</table>

<br><br>
<input type="submit" value="SUBMIT THE QUOTE">
</form>
	';
}

function showlinks(){
	// LinkBar at the top of the pages..
	// Just produces the text... Style as you wish
	$linkarray = array(
		"Home" 			=> "./index.php",
		"Last 10"	=> "./latest10.php",
		"Random"	=> "./random.php",
		"Add a Quote"	=> "./addquote.php",
                "Admin"                => "./admin",
		);
	foreach($linkarray as $linkname => $linkurl){
		echo "<a href=\"$linkurl\"><font color=\"black\">$linkname</font></a> / ";
	}
}


function showquote_txt($id,$newlines,$special){
	startsql();
	$query = "SELECT * FROM quotes WHERE id = $id";
	$result = mysql_query($query) or die(mysql_error());

	while($row = mysql_fetch_array($result)){
		$id = $row['id'];
                $row['quote'] = htmlspecialchars_decode($row['quote']);
                $row['quote'] = str_replace("&nbsp;"," ",$row['quote']);
		if($newlines == 1){
                    if($special == 1){
	 		echo nl2br(htmlspecialchars($row['quote']));
                    } else { 
 	 		echo nl2br($row['quote']);
		} } else {
			$row['quote']=str_replace("\r","",$row['quote']);
			$nonewlines = str_replace("\n","     ",$row['quote']);
                    if($special == 1){
			echo htmlspecialchars($nonewlines);
} else {
			echo $nonewlines;
		}
	}

	}
	
}

function sendquote($quote,$comm){
global $sqlserver,$sqluser,$sqlpassword,$sqldb;
$sendmod = mysql_connect($sqlserver,$sqluser,$sqlpassword) or die("Could Not open connection to the Database");
mysql_select_db($sqldb);
$safequote    = mysql_real_escape_string($quote);
$safecomments = mysql_real_escape_string($comm);

mysql_query("INSERT INTO queue (ID, quote, comments) VALUES(NULL, '$safequote', '$safecomments' ) ") or die(mysql_error());
mysql_close($sendmod);
}

function echoquote($id, $rating, $quote,$comments){
	echo '<div id="body"><div id="number"><font size="2"><b>';
	
	if($id % 2) echo '('.$id.')';
	else echo '('.$id.')';
	
	echo '
	
	</b></font></div><span id="ajax' . $id . '"/> <div id="death"><img src="./themes/images/death.png"><br>
		 <br>Rating: ' . return_vote_ajax($id,1) .  
		'<font color="green" size="5">+</font></a></span> <span id="voteajax'
		. $id . '">' . $rating . '</span> ' . 
		return_vote_ajax($id,-1) . '<font color="red" size="6">-</font></a> </div><br>'.nl2br(htmlspecialchars($quote))."<br><br>Comments: ".$comments."<br><br></div><br>";
}
function return_vote_ajax ($id, $vote) { 
	return '<span style="cursor:pointer"' . 
		'" onclick="vote(' . $id . ',' . $vote . 
		');" STYLE="text-decoration:none">';

}
function latest10(){
	startsql();
	$query = " SELECT * FROM quotes ORDER by id DESC  LIMIT 10";
        $result = mysql_query($query) or die(mysql_error());

	 // print the random numbers
	while($row = mysql_fetch_array($result))
	{
	$id = $row['id'];
	$rating = $row['rating'];
	$quote = $row['quote'];
	$comments = $row['comment'];
        echoquote($id,$rating,$quote,$comments);
	}

}

function showquote($id){
	startsql();
	$query = "SELECT * FROM quotes WHERE id = $id";
	$result = mysql_query($query) or die(mysql_error());

	while($row = mysql_fetch_array($result)){
	$id = $row['id'];
	$rating = $row['rating'];
	$quote = $row['quote'];
	$comments = $row['comment'];
        echoquote($id,$rating,$quote,$comments);
		
	}
}


function startsql(){
        global $sqlserver,$sqluser,$sqlpassword,$sqldb;
        $sendmod = mysql_connect($sqlserver,$sqluser,$sqlpassword) or die("Could Not open connection to the Database");
        mysql_select_db($sqldb);
}


function endsql(){
        global $sendmod;
        mysql_close($sendmod);
}


function random($number){
	startsql();
	$query = " SELECT * FROM quotes ORDER by RAND() LIMIT $number";
        $result = mysql_query($query) or die(mysql_error());

	 // print the random numbers
	while($row = mysql_fetch_array($result))
	{
	$id = $row['id'];
	$rating = $row['rating'];
	$quote = $row['quote'];
	$comments = $row['comment'];
        echoquote($id,$rating,$quote,$comments);

	}

}

function footer(){
	startsql();
	$quoteall = mysql_query("SELECT * FROM quotes");
	$nquote = mysql_num_rows($quoteall);
	
	$queueall = mysql_query("SELECT * FROM queue");
	$nqueue = mysql_num_rows($queueall);

	echo "Life To Death Quote Database by Stranded<br> $nquote quotes found in database | $nqueue awaiting moderation";
}

function qheader(){
	echo '<center><img src="./themes/logo.png" alt="QB Logo">
	<br><form action="search.php" method="get">
	<input type="text" size="26" name="q"> <input type="submit" value="Search"></form>
	</center><br>';
}

function check_user_ip($userip) {
    $s_userip = mysql_real_escape_string($userip);
    $result = mysql_query("SELECT `ip_id` from ips where ip = '$s_userip'") or
die(mysql_error()); //better >.> ok, still...
    //lets test that we actually got a result back...
    if (0 == mysql_num_rows($result)) { // no result, we need to return false.
        return false;
    }
    //now that we know we have a return value, this means that the IP exists
    //in our database, return the ip id for further use.
    $row = mysql_fetch_row($result);
    return $row[0];
}

//now we need a function to insert a new IP should we not already have it
//in the database as in the prior example.
function insert_new_ip($userip) {
    $s_userip = mysql_real_escape_string($userip);
    mysql_query("INSERT INTO ips (ip) VALUES ('$s_userip')");
    return mysql_insert_id();
}
//This is the functino you call to get the IP ID, if it returns false
//something went hugely wrong. You should get the ID.
function get_user_ip_id($userip) {
    $userip_check = check_user_ip($userip);
    if (false == $userip_check) { // we need to create a new row..
        return insert_new_ip($userip);
    } else {
        return $userip_check;
    }
}
function add_new_vote($ip,$quoteid,$vote) {
	$s_quoteid = mysql_real_escape_string($quoteid);
	$s_vote = mysql_real_escape_string($vote);

	$ip_id = get_user_ip_id($ip);
	$checkedvote = check_vote($ip_id,$quoteid);
	if(-99 == $checkedvote) { //new vote...
		$voter = add_vote($ip_id,$quoteid,$vote);
		if(true === $voter) { // all is good...
			return true;
		} else { return false; } //soemthing is wrong, no vote added.
	} else {
		return false; // no vote added.
	}
}
//more functions, might as well work here.
function check_vote($ipid,$quoteid) {
    $s_ipid = mysql_real_escape_string($ipid);
    $s_quoteid = mysql_real_escape_string($quoteid);
    $result = mysql_query("SELECT `change` from votes where quote_id = '$s_quoteid' AND ip_id = '$s_ipid'");
    if(0 == mysql_num_rows($result)) {
        return -99; //no vote... '0' is a valid return value. (-1,0,or 1). uhh, ok.. >.>
    }
    $row = mysql_fetch_row($result);
    return $row[0];
}

function add_vote($ipid,$quoteid,$vote) {
    $s_ipid = mysql_real_escape_string($ipid);
    $s_quoteid = mysql_real_escape_string($quoteid);
    $s_vote = mysql_real_escape_string($vote);

    $result = mysql_query("INSERT INTO votes (quote_id,ip_id,`change`) VALUES ('$s_quoteid','$s_ipid','$s_vote')");
    //also update rating...
    if( 1 == $vote) {
        $change = 1;
    } elseif (-1 == $vote) {
        $change = -1;
    } else {
        return -99;
    }

    update_rating($change,$quoteid);
    return true;
}

function update_rating ($change,$qid) {
    $s_q = mysql_real_escape_string($qid);
    $result2 = mysql_query("UPDATE quotes SET rating = rating + $change WHERE id = '$s_q'");
}
function get_rating ($quote_id) {
	$s_q = mysql_real_escape_string($quote_id);
	$result = mysql_query("SELECT rating from quotes where id = '$s_q'");
	if(0 == mysql_num_rows($result)) { 
		//trying to query a quote that does not exist.
		return false;
	} else {
		$row = mysql_fetch_row($result);
		return $row[0];
	}
}
function css($css) {
        echo '<link href="'. $css .'" rel="stylesheet" type="text/css">';                    
}
function title($title) {
        echo $title;
}

?>
